G
Guest
Hi,
We’re running SBS 2000 (sp4). Our security updates are all up to date.
In our ISA ‘Security Report’ I see a lot of Authorization Failures for
certain domain-name\users. I also see a several for IP addresses that are
outside of our network. I’d like to figure out where they’re coming from but
I am not well versed in this area.
* Where would I find the history or log entries that would correspond with
these Authorization Failures?
* Is there any special logging that I should have enabled in order to log
these Authorization Failures?
* Since these Authorization Failures are on the ISA reports, does that mean
they came from outside our network or could they be from inside our network
as well?
Any other helpful hints or advice would be greatly appreciated.
Thanks,
James
We’re running SBS 2000 (sp4). Our security updates are all up to date.
In our ISA ‘Security Report’ I see a lot of Authorization Failures for
certain domain-name\users. I also see a several for IP addresses that are
outside of our network. I’d like to figure out where they’re coming from but
I am not well versed in this area.
* Where would I find the history or log entries that would correspond with
these Authorization Failures?
* Is there any special logging that I should have enabled in order to log
these Authorization Failures?
* Since these Authorization Failures are on the ISA reports, does that mean
they came from outside our network or could they be from inside our network
as well?
Any other helpful hints or advice would be greatly appreciated.
Thanks,
James